A group of hackers gained access to the backend of an AI chatbot that fast food franchises use to help automate hiring. The researchers were seemingly able to accept or reject specific job applicants, and had access to a wealth of sensitive information on applicants, the fast food franchises, and the AI company itself, called Chattr.
MrBruh, one of the researchers involved, told 404 Media in an email that the access could have been used to ransom the data. That is, “nuke the DB [database] then ask for money if they want it back.”
“I'm just glad I managed to nip it in the bud,” they added. MrBruh said they reported the issue to Chattr.
Chattr advertises itself as “the first ever automated end-to-end hiring software for the hourly workforce powered by an AI digital assistant.”